diff --git a/samples/boot/oauth2login-webflux/src/test/java/sample/OAuth2LoginControllerTests.java b/samples/boot/oauth2login-webflux/src/test/java/sample/OAuth2LoginControllerTests.java index 7b3dd76c47..86a0726f64 100644 --- a/samples/boot/oauth2login-webflux/src/test/java/sample/OAuth2LoginControllerTests.java +++ b/samples/boot/oauth2login-webflux/src/test/java/sample/OAuth2LoginControllerTests.java @@ -79,6 +79,6 @@ public class OAuth2LoginControllerTests { public void indexGreetsAuthenticatedUser() { this.rest.mutateWith(mockOAuth2Login()) .get().uri("/").exchange() - .expectBody(String.class).value(containsString("test-subject")); + .expectBody(String.class).value(containsString("user")); } } diff --git a/samples/boot/oauth2login/src/integration-test/java/sample/OAuth2LoginApplicationTests.java b/samples/boot/oauth2login/src/integration-test/java/sample/OAuth2LoginApplicationTests.java index 42984ee7da..71e0f3d7b2 100644 --- a/samples/boot/oauth2login/src/integration-test/java/sample/OAuth2LoginApplicationTests.java +++ b/samples/boot/oauth2login/src/integration-test/java/sample/OAuth2LoginApplicationTests.java @@ -263,9 +263,9 @@ public class OAuth2LoginApplicationTests { public void requestWhenMockOAuth2LoginThenIndex() throws Exception { ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId("github"); this.mvc.perform(get("/").with(oauth2Login().clientRegistration(clientRegistration))) - .andExpect(model().attribute("userName", "test-subject")) + .andExpect(model().attribute("userName", "user")) .andExpect(model().attribute("clientName", "GitHub")) - .andExpect(model().attribute("userAttributes", Collections.singletonMap("sub", "test-subject"))); + .andExpect(model().attribute("userAttributes", Collections.singletonMap("sub", "user"))); } private void assertLoginPage(HtmlPage page) { diff --git a/samples/boot/oauth2login/src/test/java/sample/web/OAuth2LoginControllerTests.java b/samples/boot/oauth2login/src/test/java/sample/web/OAuth2LoginControllerTests.java index cd664893ac..033a55b7c4 100644 --- a/samples/boot/oauth2login/src/test/java/sample/web/OAuth2LoginControllerTests.java +++ b/samples/boot/oauth2login/src/test/java/sample/web/OAuth2LoginControllerTests.java @@ -64,9 +64,9 @@ public class OAuth2LoginControllerTests { @Test public void rootWhenAuthenticatedReturnsUserAndClient() throws Exception { this.mvc.perform(get("/").with(oauth2Login())) - .andExpect(model().attribute("userName", "test-subject")) + .andExpect(model().attribute("userName", "user")) .andExpect(model().attribute("clientName", "test")) - .andExpect(model().attribute("userAttributes", Collections.singletonMap("sub", "test-subject"))); + .andExpect(model().attribute("userAttributes", Collections.singletonMap("sub", "user"))); } @Test diff --git a/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java b/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java index 299a82f9fb..aff840de3a 100644 --- a/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java +++ b/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java @@ -185,7 +185,7 @@ public class SecurityMockServerConfigurers { */ public static OAuth2LoginMutator mockOAuth2Login() { OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", - null, null, Collections.singleton("user")); + null, null, Collections.singleton("read")); return new OAuth2LoginMutator(accessToken); } @@ -200,7 +200,7 @@ public class SecurityMockServerConfigurers { */ public static OidcLoginMutator mockOidcLogin() { OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", - null, null, Collections.singleton("user")); + null, null, Collections.singleton("read")); return new OidcLoginMutator(accessToken); } @@ -844,7 +844,7 @@ public class SecurityMockServerConfigurers { private Map defaultAttributes() { Map attributes = new HashMap<>(); - attributes.put(this.nameAttributeKey, "test-subject"); + attributes.put(this.nameAttributeKey, "user"); return attributes; } @@ -907,7 +907,7 @@ public class SecurityMockServerConfigurers { */ public OidcLoginMutator idToken(Consumer idTokenBuilderConsumer) { OidcIdToken.Builder builder = OidcIdToken.withTokenValue("id-token"); - builder.subject("test-subject"); + builder.subject("user"); idTokenBuilderConsumer.accept(builder); this.idToken = builder.build(); this.oidcUser = this::defaultPrincipal; @@ -1018,7 +1018,7 @@ public class SecurityMockServerConfigurers { private OidcIdToken getOidcIdToken() { if (this.idToken == null) { - return new OidcIdToken("id-token", null, null, Collections.singletonMap(IdTokenClaimNames.SUB, "test-subject")); + return new OidcIdToken("id-token", null, null, Collections.singletonMap(IdTokenClaimNames.SUB, "user")); } else { return this.idToken; } @@ -1041,7 +1041,7 @@ public class SecurityMockServerConfigurers { private String registrationId = "test"; private ClientRegistration clientRegistration; private OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, - "access-token", null, null, Collections.singleton("user")); + "access-token", null, null, Collections.singleton("read")); private ServerOAuth2AuthorizedClientRepository authorizedClientRepository = new WebSessionServerOAuth2AuthorizedClientRepository(); @@ -1122,7 +1122,7 @@ public class SecurityMockServerConfigurers { throw new IllegalArgumentException("Please specify a ClientRegistration via one " + "of the clientRegistration methods"); } - return new OAuth2AuthorizedClient(this.clientRegistration, "test-subject", this.accessToken); + return new OAuth2AuthorizedClient(this.clientRegistration, "user", this.accessToken); } private ClientRegistration.Builder clientRegistrationBuilder() { diff --git a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java index ae6f1b7dfc..4e0e0aa1ea 100644 --- a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java +++ b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java @@ -398,7 +398,7 @@ public final class SecurityMockMvcRequestPostProcessors { */ public static OAuth2LoginRequestPostProcessor oauth2Login() { OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", - null, null, Collections.singleton("user")); + null, null, Collections.singleton("read")); return new OAuth2LoginRequestPostProcessor(accessToken); } @@ -428,7 +428,7 @@ public final class SecurityMockMvcRequestPostProcessors { */ public static OidcLoginRequestPostProcessor oidcLogin() { OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", - null, null, Collections.singleton("user")); + null, null, Collections.singleton("read")); return new OidcLoginRequestPostProcessor(accessToken); } @@ -1435,7 +1435,7 @@ public final class SecurityMockMvcRequestPostProcessors { private Map defaultAttributes() { Map attributes = new HashMap<>(); - attributes.put(this.nameAttributeKey, "test-subject"); + attributes.put(this.nameAttributeKey, "user"); return attributes; } @@ -1495,7 +1495,7 @@ public final class SecurityMockMvcRequestPostProcessors { */ public OidcLoginRequestPostProcessor idToken(Consumer idTokenBuilderConsumer) { OidcIdToken.Builder builder = OidcIdToken.withTokenValue("id-token"); - builder.subject("test-subject"); + builder.subject("user"); idTokenBuilderConsumer.accept(builder); this.idToken = builder.build(); this.oidcUser = this::defaultPrincipal; @@ -1577,7 +1577,7 @@ public final class SecurityMockMvcRequestPostProcessors { private OidcIdToken getOidcIdToken() { if (this.idToken == null) { return new OidcIdToken("id-token", null, null, - Collections.singletonMap(IdTokenClaimNames.SUB, "test-subject")); + Collections.singletonMap(IdTokenClaimNames.SUB, "user")); } else { return this.idToken; } @@ -1600,7 +1600,7 @@ public final class SecurityMockMvcRequestPostProcessors { private String registrationId = "test"; private ClientRegistration clientRegistration; private OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, - "access-token", null, null, Collections.singleton("user")); + "access-token", null, null, Collections.singleton("read")); private OAuth2ClientRequestPostProcessor() { } @@ -1654,7 +1654,7 @@ public final class SecurityMockMvcRequestPostProcessors { "of the clientRegistration methods"); } OAuth2AuthorizedClient client = new OAuth2AuthorizedClient - (this.clientRegistration, "test-subject", this.accessToken); + (this.clientRegistration, "user", this.accessToken); OAuth2AuthorizedClientRepository authorizedClientRepository = new HttpSessionOAuth2AuthorizedClientRepository(); authorizedClientRepository.saveAuthorizedClient(client, null, request, new MockHttpServletResponse()); diff --git a/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java b/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java index 10b03d173c..e412bc85e9 100644 --- a/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java @@ -86,9 +86,9 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS assertThat(token.getAuthorizedClientRegistrationId()).isEqualTo("test"); assertThat(token.getPrincipal()).isInstanceOf(OAuth2User.class); assertThat(token.getPrincipal().getAttributes()) - .containsEntry("sub", "test-subject"); + .containsEntry("sub", "user"); assertThat((Collection) token.getPrincipal().getAuthorities()) - .contains(new SimpleGrantedAuthority("SCOPE_user")); + .contains(new SimpleGrantedAuthority("SCOPE_read")); } @Test @@ -134,7 +134,7 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS @Test public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception { OAuth2User oauth2User = new DefaultOAuth2User( - AuthorityUtils.createAuthorityList("SCOPE_user"), + AuthorityUtils.createAuthorityList("SCOPE_read"), Collections.singletonMap("sub", "subject"), "sub"); diff --git a/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOidcLoginTests.java b/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOidcLoginTests.java index 2fbaaf1e43..d5afb792b2 100644 --- a/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOidcLoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOidcLoginTests.java @@ -86,9 +86,9 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer assertThat(token.getAuthorizedClientRegistrationId()).isEqualTo("test"); assertThat(token.getPrincipal()).isInstanceOf(OidcUser.class); assertThat(token.getPrincipal().getAttributes()) - .containsEntry("sub", "test-subject"); + .containsEntry("sub", "user"); assertThat((Collection) token.getPrincipal().getAuthorities()) - .contains(new SimpleGrantedAuthority("SCOPE_user")); + .contains(new SimpleGrantedAuthority("SCOPE_read")); assertThat(((OidcUser) token.getPrincipal()).getIdToken().getTokenValue()) .isEqualTo("id-token"); } @@ -150,7 +150,7 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer @Test public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception { OidcUser oidcUser = new DefaultOidcUser( - AuthorityUtils.createAuthorityList("SCOPE_user"), idToken().build()); + AuthorityUtils.createAuthorityList("SCOPE_read"), idToken().build()); this.client.mutateWith(mockOidcLogin() .idToken(i -> i.subject("foo")) diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java index 1937faf561..a3c9db8255 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java @@ -90,7 +90,7 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests { throws Exception { this.mvc.perform(get("/name").with(oauth2Login())) - .andExpect(content().string("test-subject")); + .andExpect(content().string("user")); this.mvc.perform(get("/admin/id-token/name").with(oauth2Login())) .andExpect(status().isForbidden()); } @@ -120,7 +120,7 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests { @Test public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception { OAuth2User oauth2User = new DefaultOAuth2User( - AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_user"), + AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"), Collections.singletonMap("custom-attribute", "test-subject"), "custom-attribute"); this.mvc.perform(get("/attributes/custom-attribute") @@ -142,7 +142,7 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests { @Test public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception { OAuth2User oauth2User = new DefaultOAuth2User( - AuthorityUtils.createAuthorityList("SCOPE_user"), + AuthorityUtils.createAuthorityList("SCOPE_read"), Collections.singletonMap("username", "user"), "username"); @@ -167,7 +167,7 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests { http .authorizeRequests(authorize -> authorize .mvcMatchers("/admin/**").hasAuthority("SCOPE_admin") - .anyRequest().hasAuthority("SCOPE_user") + .anyRequest().hasAuthority("SCOPE_read") ).oauth2Login(); } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java index 00f4cee255..cacc1c0cb0 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java @@ -95,7 +95,7 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests { throws Exception { this.mvc.perform(get("/name").with(oidcLogin())) - .andExpect(content().string("test-subject")); + .andExpect(content().string("user")); this.mvc.perform(get("/admin/id-token/name").with(oidcLogin())) .andExpect(status().isForbidden()); } @@ -133,7 +133,7 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests { @Test public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception { OidcUser oidcUser = new DefaultOidcUser( - AuthorityUtils.createAuthorityList("SCOPE_user"), idToken().build()); + AuthorityUtils.createAuthorityList("SCOPE_read"), idToken().build()); this.mvc.perform(get("/id-token/sub") .with(oidcLogin() @@ -156,7 +156,7 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests { http .authorizeRequests() .mvcMatchers("/admin/**").hasAuthority("SCOPE_admin") - .anyRequest().hasAuthority("SCOPE_user") + .anyRequest().hasAuthority("SCOPE_read") .and() .oauth2Login(); }